Draft: CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (!4576) · Merge requests · Red Hat / centos-stream / src / kernel / centos-stream-9

CKI Backport Bot requested to merge redhat/red-hat-ci-tools/kernel/bot-branches/centos-stream-9:backport-RHEL-35116-centos-stream-9-main into main Jun 25, 2024

JIRA: https://issues.redhat.com/browse/RHEL-35116
CVE: CVE-2024-27065

netfilter: nf_tables: do not compare internal table flags on updates

Restore skipping transaction if table update does not modify flags.

Fixes: 179d9ba5559a ("netfilter: nf_tables: fix table flag updates")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
(cherry picked from commit 4a0e7f2decbf9bd72461226f1f5f7dcc4b08f139)

Signed-off-by: cki-backport-bot cki-ci-bot+cki-gitlab-backport-bot@redhat.com

Draft: CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates

Merge request reports